International computer magazine "Secure Computing"gives 5 stars rating to Kaspersky Lab's AntiViral Toolkit Pro

05 Apr 2000
Business News

The International Journal of Computer Security

May 2000
AntiViral Toolkit Pro

With its archive scanning switched on, AntiViral Toolkit Pro has been the only anti-virus solution to provide 100 per cent detection in our compression test.
One thing guaranteed to prove frustrating is having to open a PDF file to locate a manual, then having to print it before starting an installation - even when the quality of the manual is high.
This particular anti-virus solution provided some surprises when undergoing our tests. Its identification and disinfection rates were high but with archive scanning switched on in our compression test it produced a result we haven't experienced with other solutions. It proved itself to be worthy of our admiration on this score alone.

Virus writers have had to be more inventive with their destructive code of late, with some having being caught and subsequently punished for their global acts of vandalism. A viral infection often causes havoc within an organisation; this has led to the necessity for far better scanning engines with less obtrusive means to ensure practical and effective protection.
The need to develop new anti-virus products continues in the light of each piece of destructive code that is released into the wild. With so many variants arriving, users need to be assured that the solution they choose continues to be effective as each new strain is identified. This is why so many new products hit the marketplace but if you choose a product from a reputable and long-standing company, you will be half way there!
AntiViral Toolkit Pro (AVP) is a total anti-virus solution designed for Microsoft Windows, as well as Linux, MS Office 2000, NetWare, OS/2 plus many other systems. It gave us very promising results during its testing - our virus collection is large and is certainly a challenge for most products. With our facilities it is a fairly easy task to differentiate between the products that claim they are the best and the ones that can prove their claims categorically.
The Platinum Edition of AVP comprises of five main components to ensure that your systems are properly scanned and kept virus-free. You will see from our test results that Kaspersky Lab has worked hard to maintain its customers' faith in them.
The first of the components is the AVP Scanner; this is an 'on-demand' scanner that will provide a system check with which you can scan through your computer to ensure that the contents of any disks, folders or files are virus-free. It also provides the means to remove them using the AVP disinfection.
The AVP Monitor is launched when a user logs on to Windows and is the 'on-access' part of AVP. It monitors the status of all the activity on a computer ensuring that it is virus-free before programs are opened. AVP Monitor ensures files that are found to contain a virus are not opened, copied or saved to disk and in this way it prevents viruses spreading.
The AVP Update will maintain your anti-virus solution and you will have to run this once AVP has been installed on your computer to ensure that the latest protection is available since the CD was pressed. In this way the solution is kept up-to-date with the latest virus information and disinfection of any newly released viruses is made possible. The updates are installed automatically once downloaded from the Kaspersky Lab Internet site.
The AVP Control Centre allows all your AVP information to be viewed. It provides the means to manage the anti-virus software and to schedule your virus scans and updates at the intervals that you have set. It also allows you to view the components, as well as remove and add them as and when new versions become available. You may also view any statistics and obtain information on the tasks that have been accomplished as well as provide remote management for your network (if you have the network control module).
The AVP Scanner 32 for DOS is designed to provide an alternative scanning procedure, where a computer is held suspect and the user or administrator doesn't want to run Windows. This is a command-line scanner designed for 32-bit computers under MS-DOS.
The installation procedure is a simple wizard-based 'follow the on-screen prompts' affair. It runs automatically from the CD and caused no problems for us at the start of our testing. It isn't a solution that requires a huge amount of space or processor speed and may be installed on a 486 running Windows 95, 98, NT 4 and 2000. RAM required only amounts to 8Mb and a mere 3Mb of disk space is needed - pretty low spec stuff these days!
The interface is as you would expect with everything clear and easy to move around in. Unless the user wants to carry out an 'on-demand' scan, AVP will sit quietly in the background and ensure that the updates and regular scans are accomplished as configured.
In the actual tests that we used, to determine the functionality and effectiveness of its anti-virus detection, AVP achieved good results. Using the most recent 'wildlist' and its available updates we bombarded this solution with everything to ensure that our findings were accurate. Although not designed to give 'a day-in-the life of an anti-virus solution' our tests have concluded that it can detect all the current viruses that are likely to be a danger. It is a hard test to live up to but AVP provided a credible 100 per cent detection rate.
Detecting viruses is not enough as we also have to ensure that of the 100 per cent detected a high enough percentage is able to be disinfected. The AVP also returned a 100 per cent disinfection rate, which is excellent news for its users. It returned no false alarms either and we were satisfied that this solution provided what it set out to do.
In our test of 3,728 macro viruses AVP only missed 12, which when considered as a percentage returns a very credible 97 per cent. Similarly, out of a total of 13,340 infected files it missed 38 of them, which equates to 96.5 per cent; again this is not far off an acceptable figure. Maybe the most telling of the results, however, was to be found during the compression tests. The AVP only managed a 37.5 per cent return with the default setting on. At first glance this was very poor but with the archive scanning turned on, to our amazement, this produced a staggering 100 per cent return. A truly excellent result that was very welcome but unexpected!
Due to the large number of viruses identified but not yet reported as being in-the-wild, we like to see what solutions make of these types of viruses and whether they can detect them or not. Part of our testing procedure, therefore, involves non-in-the wild polymorphic viruses for which AVP returned another 100 per cent detection rate.
In conclusion we feel that the AVP (Platinum Edition) performed well overall, thereby providing the protection needed to combat the growing virus threat.